December 26, 2013

The U.S. Department of Health & Human Services (HHS) recently launched a new website aimed at aiding providers in their efforts to engage patients in determining the best way to share their electronic information.

The site, called the Meaningful Consent site, provides "strategies and tools" to providers, including background information and lessons learned by other providers. It also includes videos and customizeable tools from the eConsent pilot that was completed in March 2013. The site is based on 2011 recommendations made by the Office of the National Coordinator for Health IT's HIT Policy Committee.

The site addresses the laws, policies and issues related to the electronic exchange of health information, also known as health information exchange, or HIE.

"As patients become more engaged in their healthcare, it's vitally important that they understand more about various aspects of their choices when it relates to sharing their health in the electronic health information exchange environment," Joy Pritts, chief privacy officer at ONC, said in a statement.

In response to the site's launch, Deborah Peel, founder and chair of Patient Privacy Rights--a nonprofit organization that works to ensure that Americans control all access to their health records--called HHS' efforts flawed.

"Just as HIEs are being ramped up in every state, it's deeply disturbing to see HHS mislead the American public about their very strong rights to health information privacy--ie, their rights to control who can see and use their health data," Peel said, in an email to FierceHealthIT.

"To make only two key points about the flaws in the new resource, Patient Consent for electronic health information exchange and the Model Notices Privacy Practices unveiled yesterday:

"The proposed Model NPP never mentions our fundamental right to health information privacy: HHS continues to be dominated by industry and support healthcare and technology systems that violate citizens' rights to health privacy. HHS should support the public's expectations, rights, and interests to control exchange of protected health information. Instead, it supports systems and policies that facilitate industry's and government's hidden use and sale of the nation's health data without informed consent. This status quo of hidden industry and government surveillance of our most sensitive personal information from DNA to diagnoses to prescription records continues.

"HHS should have informed us of our rights to a complete list of those who have seen our sensitive health information in electronic health records for three years--and why they accessed it, especially since current health IT systems and HIEs prevent patients from exercising their privacy rights. Instead the Model NPP incorrectly states that the list excludes disclosures of health information for treatment, payment, and healthcare operations (TPO), violating the 2009 HITECH language providing a right to an 'accounting of disclosures' of all health data from EHRs for the previous three years."